Latest Malware news

Fujitsu found malware on IT systems, confirms data breach

Japanese tech giant Fujitsu discovered that several of its systems were infected by malware and warns that the hackers stole customer data.
- Bill Toulas
- March 18, 2024
- 10:01 AM
- 3
StopCrypt: Most widely distributed ransomware evolves to evade detection

A new variant of StopCrypt ransomware (aka STOP) was spotted in the wild, employing a multi-stage execution process that involves shellcodes to evade security tools.
- Bill Toulas
- March 14, 2024
- 04:59 PM
- 3
Hackers exploit Windows SmartScreen flaw to drop DarkGate malware

A new wave of attacks by the DarkGate malware operation exploits a now-fixed Windows Defender SmartScreen vulnerability to bypass security checks and automatically install fake software installers.
- Bill Toulas
- March 13, 2024
- 05:26 PM
- 2
Magnet Goblin hackers use 1-day flaws to drop custom Linux malware

A financially motivated hacking group named Magnet Goblin uses various 1-day vulnerabilities to breach public-facing servers and deploy custom malware on Windows and Linux systems.
- Bill Toulas
- March 09, 2024
- 10:08 AM
- 1
New WogRAT malware abuses online notepad service to store malware

A new malware dubbed 'WogRAT' targets both Windows and Linux in attacks abusing an online notepad platform named 'aNotepad' as a covert channel for storing and retrieving malicious code.
- Bill Toulas
- March 05, 2024
- 03:25 PM
- 0
ScreenConnect flaws exploited to drop new ToddlerShark malware

The North Korean APT hacking group Kimsuky is exploiting ScreenConnect flaws, particularly CVE-2024-1708 and CVE-2024-1709, to infect targets with a new malware variant dubbed ToddlerShark.
- Bill Toulas
- March 04, 2024
- 05:14 PM
- 0
Stealthy GTPDOOR Linux malware targets mobile operator networks

Security researcher HaxRob discovered a previously unknown Linux backdoor named GTPDOOR, designed for covert operations within mobile carrier networks.
- Bill Toulas
- March 03, 2024
- 10:16 AM
- 2
CISA warns of Microsoft Streaming bug exploited in malware attacks

CISA ordered U.S. Federal Civilian Executive Branch (FCEB) agencies to secure their Windows systems against a high-severity vulnerability in the Microsoft Streaming Service (MSKSSRV.SYS) that's actively exploited in attacks.
- Sergiu Gatlan
- March 01, 2024
- 02:18 PM
- 0
New Bifrost malware for Linux mimics VMware domain for evasion

A new Linux variant of the Bifrost remote access trojan (RAT) employs several novel evasion techniques, including the use of a deceptive domain that was made to appear as part of VMware.
- Bill Toulas
- February 29, 2024
- 04:36 PM
- 0
Malicious AI models on Hugging Face backdoor users’ machines

At least 100 instances of malicious AI ML models were found on the Hugging Face platform, some of which can execute code on the victim's machine, giving attackers a persistent backdoor.
- Bill Toulas
- February 28, 2024
- 05:12 PM
- 1
Japan warns of malicious PyPi packages created by North Korean hackers

Japan's Computer Security Incident Response Team (JPCERT/CC) is warning that the notorious North Korean hacking group Lazarus has uploaded four malicious PyPI packages to infect developers with malware.
- Bill Toulas
- February 28, 2024
- 10:04 AM
- 0
LockBit ransomware secretly building next-gen encryptor before takedown

LockBit ransomware developers were secretly building a new version of their file encrypting malware, dubbed LockBit-NG-Dev - likely a future LockBit 4.0, when law enforcement took down the cybercriminal's infrastructure earlier this week.
- Bill Toulas
- February 22, 2024
- 08:51 AM
- 0
Hackers abuse Google Cloud Run in massive banking trojan campaign

Security researchers are warning of hackers abusing the Google Cloud Run service to distribute massive volumes of banking trojans like Astaroth, Mekotio, and Ousaban.
- Bill Toulas
- February 21, 2024
- 04:07 PM
- 0
New SSH-Snake malware steals SSH keys to spread across the network

A threat actor is using an open-source network mapping tool named SSH-Snake to look for private keys undetected and move laterally on the victim infrastructure.
- Bill Toulas
- February 21, 2024
- 02:03 PM
- 2
Anatsa Android malware downloaded 150,000 times via Google Play

The Anatsa banking trojan has been targeting users in Europe by infecting Android devices through malware droppers hosted on Google Play.
- Bill Toulas
- February 19, 2024
- 08:34 AM
- 1
Hacker arrested for selling bank accounts of US, Canadian users

Ukraine's cyber police arrested a 31-year-old for running a cybercrime operation that gained access to bank accounts of American and Canadian users and sold them on the dark web.
- Bill Toulas
- February 18, 2024
- 10:06 AM
- 1
Zeus, IcedID malware gangs leader pleads guilty, faces 40 years in prison

Ukrainian national Vyacheslav Igorevich Penchukov, one of the heads of the notorious JabberZeus cybercrime gang, has pleaded guilty to charges related to his leadership roles in the Zeus and IcedID malware groups.
- Sergiu Gatlan
- February 15, 2024
- 06:05 PM
- 2
New Qbot malware variant uses fake Adobe installer popup for evasion

The developer of Qakbot malware, or someone with access to the source code, seems to be experimenting with new builds as fresh samples have been observed in email campaigns since mid-December.
- Bill Toulas
- February 15, 2024
- 08:27 AM
- 0
New ‘Gold Pickaxe’ Android, iOS malware steals your face for fraud

A new iOS and Android trojan named 'GoldPickaxe' employs a social engineering scheme to trick victims into scanning their faces and ID documents, which are believed to be used to generate deepfakes for unauthorized banking access.
- Bill Toulas
- February 15, 2024
- 03:00 AM
- 2
Ubuntu 'command-not-found' tool can be abused to spread malware

A logic flaw between Ubuntu's 'command-not-found' package suggestion system and the snap package repository could enable attackers to promote malicious Linux packages to unsuspecting users.
- Bill Toulas
- February 14, 2024
- 11:00 AM
- 0